Towards Attack-Resilient Autonomous Cyber Defense

Abstract

Autonomous cyber defense is a growing area promising a fast and predictable recovery of a network after an intrusion alert. These systems operate in an adversarial environment, and advanced threats have every incentive to attack not only the tactical network but also the autonomous cyber defense mechanism to achieve their objectives. Automated responses are double-edged: they can be very good at protecting the system from benign and known anomalies, but against an intelligent adversary they may be exploited to push the system into an undesirable state. In this project we plan to develop the foundations and techniques of a reasoning framework that applies adversarial thinking to autonomy used for attack recovery functions. Our main objective is to develop theoretical and practical foundations for adversarial thinking. Our first objective is to systematically analyze the potential threats, and the second objective is to identify research directions for creating attack-resilient autonomous agents responding to intrusion alerts. To analyze the threats, we need to consider both (1) the theoretical tools for developing autonomous agents (such as threats against Reinforcement Learning) and (2) the unique threats that arise when implementing these general solutions in a computer network. One key observation is that autonomous cyber defense mechanisms are feedback control systems, so we can leverage several techniques (attacks and defenses) proposed over the last two decades in the literature on securing cyber-physical systems. We are particularly interested in defending against enchanting attacks. In an enchanting attack, an attacker wants to drive the tactical network under protection to an undesirable state by exploiting the autonomous actions of our agents. These types of attacks represent a unique threat surface that autonomous agents might create in tactical computer networks (it might give the adversary a way to control the state of the network). This threat model is potentially more realizable than the physical perturbations of cameras proposed by previous work.

Document Details

Document Type: DoD Grant Award
Publication Date: Sep 01, 2023
Source ID: W911NF2310373

Entities

People

  • Alvaro Cardenas

Organizations

  • Army Contracting Command
  • United States Army
  • University of California, Santa Cruz

Tags

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Cybersecurity.
  • Neural Network Machine Learning.

Technology Areas

  • AI & ML
  • AI & ML - Autonomous Systems
  • AI & ML - DoD AI Strategy
  • Cyber